package cn.uniqueinfo.dp.shiro;

import cn.uniqueinfo.dp.exception.UQException;
import cn.uniqueinfo.dp.service.IUserService;
import cn.uniqueinfo.dp.vo.PermissionVO;
import cn.uniqueinfo.dp.vo.RoleVO;
import cn.uniqueinfo.dp.vo.UserVO;
import com.oracle.tools.packager.Log;
import lombok.extern.slf4j.Slf4j;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.SimpleAuthenticationInfo;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;

/**
 * @author:朱元勋
 * @mail:395910063@qq.com
 * @date:2019-01-04 11:00:18
 * @description:
 */
@Slf4j
public class ShiroRealm extends AuthorizingRealm {

    /** 默认拥有的权限 */
    @Value("${shiro.default.permissions}")
    private String defualtPermissons = "";

    @Autowired private IUserService userService;

    /** 授权 */
    @Override
    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
        log.debug("开始获取账号权限配置");
        // 获取登录用户名
        String loginName = ((UserVO) principals.getPrimaryPrincipal()).getLoginName();
        log.info("当前登录的账号:[" + loginName + "]");
        // 查询用户信息
        UserVO userVO = userService.findByLoginName(loginName);
        // 获取角色和权限
        SimpleAuthorizationInfo simpleAuthorizationInfo = new SimpleAuthorizationInfo();
        for (RoleVO roleVO : userVO.getRoles()) {
            // 添加角色
            simpleAuthorizationInfo.addRole(roleVO.getRoleName());
            for (PermissionVO permissionVO : roleVO.getPermissions()) {
                // 添加权限
                simpleAuthorizationInfo.addStringPermission(
                        permissionVO.getFormName() + ":" + permissionVO.getFormOperation());
            }
        }

        // 添加默认的权限信息
        if (this.defualtPermissons != null && this.defualtPermissons.length() != 0) {
            String[] permissions = this.defualtPermissons.split(",");
            for (String permission : permissions) {
                simpleAuthorizationInfo.addStringPermission(permission);
            }
        }
        return simpleAuthorizationInfo;
    }

    /** 登录认证 */
    @Override
    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {
        Log.info("开始验证账号与密码");
        if (token.getPrincipal() == null) {
            return null;
        }

        // 获取用户信息
        String loginName = token.getPrincipal().toString();
        UserVO userVO = userService.findByLoginName(loginName);

        if (userVO == null) {
            return null;
        } else {
            if (userVO.getStatus() == 1) {
                throw new UQException(0, "unvalid", "当前用户状态为禁用状态");
            }
            SimpleAuthenticationInfo simpleAuthenticationInfo = new SimpleAuthenticationInfo(userVO, userVO.getLoginPwd(), getName());
            return simpleAuthenticationInfo;
        }
    }
}
